- 17 Sep, 2012 14 commits
-
-
Łukasz Nowak authored
-
Łukasz Nowak authored
Use volatile cache to store tokens and one key per site.
-
Łukasz Nowak authored
-
Łukasz Nowak authored
Token server can be totally different then resource server.
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
Łukasz Nowak authored
Return token on addition. Use proxied scripts to access whole system in order to allow unprivileged user to manage own tokens. Update roles immediately in order to give unprivileged user access to validated token.
-
Łukasz Nowak authored
By requiring token_validation_method extraction plugin is only responsible for low level implementation.
-
Łukasz Nowak authored
BearerTokenModule_addNewToken allows to add token for Person passed as destination_reference. In case if Person has no key assigned new one is generated. BearerToken_isValid allows to validate token against (possibly) related person object. Base_getHMAC is low level interface to hmac module. In order to made tokens unique use User-Agent and REMOTE_ADDR in token generation body. Thanks to this token will be narrowed to one broswer. In order to avoid reuse token on different servers add Host. Key to generate HMAC are stored on Person object using bearer_token_key property.
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
Łukasz Nowak authored
-
Łukasz Nowak authored
Bearer is token used in OAuth 2. This plugin extracts this token from Authorisation header and uses defined portal type query in order to check if token is valid and for which user.
-
- 14 Sep, 2012 4 commits
-
-
Kazuhiko Shiozaki authored
-
Ivan Tyagov authored
Allow to edit Role Information using proper category (forgotten commit from 5272e987).
-
Julien Muchembled authored
-
Ivan Tyagov authored
-
- 13 Sep, 2012 5 commits
-
-
Ivan Tyagov authored
Remove not used proeprty.
-
Gabriel Monnerat authored
-
Ivan Tyagov authored
-
Ivan Tyagov authored
-
Yusei Tahara authored
-
- 12 Sep, 2012 1 commit
-
-
Yusei Tahara authored
-
- 10 Sep, 2012 2 commits
-
-
Rafael Monnerat authored
-
Rafael Monnerat authored
-
- 05 Sep, 2012 2 commits
-
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
Otherwise, we use superclass' __contains__ implementation, which uses objectIds, which is inefficient in HBTreeFolder2 to lookup a single key. This commit reverts fdf4fa44 that does not work in reality.
-
- 03 Sep, 2012 1 commit
-
-
Ivan Tyagov authored
-
- 31 Aug, 2012 1 commit
-
-
Arnaud Fontaine authored
-
- 30 Aug, 2012 2 commits
-
-
Vincent Pelletier authored
Provide migration ability from persistent Control Panel if present. Drop destructive "backward-compatibility" code (delete object if old version). Fixes Zope 2.13 .
-
Vincent Pelletier authored
Fixes Zope 2.13 .
-
- 29 Aug, 2012 4 commits
-
-
Kazuhiko Shiozaki authored
make items tales expression generic in PaymentTransactionGroup_viewSelectPaymentTransactionLineListDialog/your_sign.
-
Kazuhiko Shiozaki authored
-
Arnaud Fontaine authored
-
Arnaud Fontaine authored
-
- 28 Aug, 2012 1 commit
-
-
Vincent Pelletier authored
Otherwise, we use superclass' __contains__ implementation, which uses objectIds, which is inefficient in HBTreeFolder2 to lookup a single key.
-
- 27 Aug, 2012 3 commits
-
-
Mame Coumba Sall authored
-
Mame Coumba Sall authored
-
Julien Muchembled authored
-